Wednesday, July 26, 2017

Today I am going to focus on writing tests for clcl. I wrote one that tests encryption for private keys. It wasn't working until I remembered that if you encrypt something with a private keyyou decrypt it with the corresponding public key (I was trying to decrypt it with the private key, you'd think that I would realize after all this time...).

Sunday, July 23, 2017

I was decrying the state of Java and SSL, in particular, the lack of good tools and libraries for crypto stuff, when I decided to stop complaining and do something about it. Sigh. And so CLCL, the com ltsllc crypto library, was born.

CLCL is a collection of classes that I have taken from the Miranda project and put into their own library. CLCL does actually do anything it just makes it easier to use classes that do all the crypto stuff. Java and SSL have both been around for over 10 years. It is about time they got some tools.

Monday, July 17, 2017

The Long Term Software vision boils down doing the things that we are supposed to do, but that haven't been done.

There are certain parts of software engineering that we know are beneficial, but which don't get done. Things like documentation, testing and refactoring. A person cannot be expected to modify a system correctly, but time and time again, developers are asked to do just that. Adequate documentation solves this problem.

As a system ages, it gradually acquires quirks. Maybe an approach seemed like a good idea at the time but later proved to be a bad idea. Whatever the case may be, systems require refactoring to make them consistent again.

Testing is often times the orphan child of software engineering. All systems should have tests but they often don't have them. This really comes back to bite when a change is made to a system that breaks something else. Without adequate tests, there is no way to know that this has happened.

None of these ideas are Earth-shattering. We know that these things should be done. But for whatever reason they don't get done. Maybe there is some sort of deadline that has to be met and corners have to cut to make it. Perhaps there is some new approach or cost-cutting going on that someone is eager to prove right. Whatever the reason, the things that should get done don't get done.

This problem is not unique to software, it happens across the board. Take a look at the number of people who are overweight. Everyone knows that dieting and exercise are good ideas, but people don't do them.

The Long Term Software approach is to do the things that we know are right but which don't get done. While this is easy in principal, it is hard to do in practice. That is why you need to bring in someone from outside the organization to do it.

Sunday, July 9, 2017

In an effort to make it easier to use Miranda, I have created the miradaUtilities project on github (https://github.com/ltsllc-consulting/mirandaUtilities). Currently, the utility allows creation of new users, but it will include creating CAs, nodes and subscriptions as well.

Thursday, July 6, 2017

This post is part of a series about the worlds of Java and SSL. I hope to do 1 post a day on this topic. The resulting posts will become the basis for another section of a talk that I am scheduled to give on August 10 at the Boulder/Denver Cybersecurity Meetup.

The code that registers servlets:

HandlerCollection handlerCollection = new HandlerCollection(true); handlerCollection.addHandler(resourceHandler); jetty.setHandler(handlerCollection);Then to add servlets: servletHandler.addServletWithMapping(, );Jetty says that a handler can be "mutable at runtime" but I haven't had too much luck with that.

Tuesday, July 4, 2017

This post is part of a series about the worlds of Java and SSL. I hope to do 1 post a day on this topic. The resulting posts will become the basis for another section of a talk that I am scheduled to give on August 10 at the Boulder/Denver Cybersecurity Meetup.

How to Host Secure Web Services

Using Jetty

Define Jetty's properties

Register the servlets

Register the SSL handler

Start Jetty

I was going to do this in one slide, but realized that there was too much material, so I made it into it's own section.

Monday, July 3, 2017

This post is part of a series about the worlds of Java and SSL. I hope to do 1 post a day on this topic. The resulting posts will become the basis for another section of a talk that I am scheduled to give on August 10 at the Boulder/Denver Cybersecurity Meetup.

Sunday, July 2, 2017

This post is part of a series about the worlds of Java and SSL. I hope to do 1 post a day on this topic. The resulting posts will become the basis for another section of a talk that I am scheduled to give on August 10 at the Boulder/Denver Cybersecurity Meetup.

This post is part of a series about the worlds of Java and SSL. I hope to do 1 post a day on this topic. The resulting posts will become the basis for another section of a talk that I am scheduled to give on August 10 at the Boulder/Denver Cybersecurity Meetup.

How to Sign a CSR

What this does

A signed CSR is a certificate. This is basically just a public key, and a hash code encrypted with the private key of the signer.